The main documentation repository for the 🍭☁️
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long. 4.4KB


A very simple way to setup/run Syncthing in a container. This approach will also update to the latest syncthing releases if available.

Inspiration / Sources


We need one utility to ensure we can find the latest releases. Install it.

apt update
apt install jq

Preflight Configuration

Setup basic config / storage areas ahead of install

mkdir -p /var/syncthing/.config/syncthing
groupadd syncthing
useradd -s /usr/sbin/nologin -d /var/syncthing -g syncthing syncthing
cat > /var/syncthing/.config/syncthing/config.xml <<EOF
<configuration version="28">
        <minHomeDiskFree unit="%">10</minHomeDiskFree>
chown syncthing -R /var/syncthing
chgrp syncthing -R /var/syncthing

Install Syncthing

Grab the latest release of syncthing, drop it in place, setup system service.

RELEASE=`curl -s | jq -r .tag_name`
if [ $ARCH == "aarch64" ]

gpg --keyserver --recv-key D26E6ED000654A3E
mkdir -p /tmp/syncthing
cd /tmp/syncthing
curl -sLO${RELEASE}/syncthing-linux-${ARCH}-${RELEASE}.tar.gz
curl -sLO${RELEASE}/sha256sum.txt.asc
gpg --verify sha256sum.txt.asc
grep syncthing-linux-${ARCH} sha256sum.txt.asc | sha256sum
tar -zxf syncthing-linux-${ARCH}-${RELEASE}.tar.gz
mv syncthing-linux-${ARCH}-${RELEASE}/syncthing /usr/bin/syncthing
chmod a+x /usr/bin/syncthing
mv syncthing-linux-${ARCH}-${RELEASE}/etc/linux-systemd/system/syncthing@.service /etc/systemd/system
systemctl daemon-reload
cd ~
rm -rf /tmp/syncthing

Adjust firewall to allow syncthing on internal network(s)

firewall-cmd --permanent --zone=internal --add-port 22000/tcp --add-port 21027/udp
# Allow GUI from docker containers (it'll be proxied by the main web proxy container for ssl purposes)
firewall-cmd --permanent --zone=trusted --add-port 22000/tcp --add-port 21027/udp --add-port 8384/tcp
firewall-cmd --reload

Run Syncthing Via systemd Service

systemctl enable syncthing@syncthing.service
systemctl start syncthing@syncthing.service

Setup Update Script

Syncthing has an auto update mechanism. Script it so it can be run at any point to get updates.

cat > /root/ <<EOF
/usr/bin/syncthing -upgrade-check
/usr/bin/syncthing -upgrade

chmod a+x /root/

Update Unbound

cat > /etc/unbound/local_zone/syncthing.conf <<EOF
local-data: "syncthing A"
local-data-ptr: " synching"
local-data: "syncthing.domain.tld A"
local-data-ptr: " synching.domain.tld"

local-data: "syncthing-gui A"
local-data: "syncthing-gui.domain.tld A"
local-data-ptr: " syncthing-gui"
local-data-ptr: " syncthing-gui.domain.tld"

Serving Via Caddy

cat > /etc/caddy/services/syncthing.conf <<EOF
# Syncthing proxy
syncthing-gui.domain.tld {
    tls user@domain.tld

    redir 301 {
        if {scheme} is http
        /  https://syncthing-gui.domain.tld{uri}

    log /var/log/caddy/syncthing.log
    proxy / {
        header_upstream Host # Reset the transparent proxy host so requests aren't blocked by syncthing

Admin Interface

Once the container is online you can get to the admin interface at http://syncthing.domain.tld:8384.

Finish Configuration via GUI

  • ssh router with 8384 port forward
  • Open the admin interface in your browser
  • Configure /tank/syncthing/global as default shared folder
    • IF you have a /tank available
  • Set Minimum disk space to 10%
  • Disable Anonymous usage reporting
  • Setup a GUI Authentication User and GUI Authentication Password